


import java.io.IOException;
import java.io.PrintWriter;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import java.text.SimpleDateFormat;
import java.util.Date;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/**
 * Servlet implementation class login
 */
@WebServlet("/login")
public class login extends HttpServlet {
	private static final long serialVersionUID = 1L;
    private String haslo="";
    /**
     * @see HttpServlet#HttpServlet()
     */
    public login() {
        super();
        // TODO Auto-generated constructor stub
    }

	/**
	 * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
	 */
	protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		if(request.getParameter("lang")!=null){
			if(request.getParameter("lang").equals("pl")){
				HttpSession sesja = request.getSession(true);
				sesja.setAttribute("lang","pl");
				response.sendRedirect("index.jsp?add="+request.getParameter("add"));
			}
			else{
				HttpSession sesja = request.getSession(true);
				sesja.setAttribute("lang","en");
				response.sendRedirect("index.jsp?add="+request.getParameter("add"));
				
			}			
		}
		else{
			doPost(request,response);
		}
		
	}

	/**
	 * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
	 */
	protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		HttpSession sesja = request.getSession(true);
		 response.setCharacterEncoding("UTF-8");
		 request.setCharacterEncoding("UTF-8");
		
		if(request.getParameter("ac")!=null && request.getParameter("ac").equals("log")){
		String log = request.getParameter("login");
		String pas = request.getParameter("password");
		System.out.println(log+" "+pas);
		try {
		  Connection con = mb.commons.DbConnection.getConnection();
		  Statement stmt = con.createStatement();
		  ResultSet rs = stmt.executeQuery("SELECT * FROM uzytkownicy WHERE login = '"+log+"' AND haslo = '"+pas+"'");
		  sesja.setAttribute("log","blad");
		  while(rs.next()){
			  String l = rs.getString("login");
			  String h = rs.getString("haslo");
			  if(l.equals(log)&&h.equals(pas)){
				  sesja.setAttribute("log",rs.getString("rodzaj"));
				  sesja.setAttribute("nick",l);
				  if(request.getParameter("t")!=null && request.getParameter("t").equals("m")){
					  response.setContentType("text/html;charset=UTF-8");
						PrintWriter out = response.getWriter();
						out.println(l+";ok");
						out.close();
				  }
			  }			  
		  }
		  if(request.getParameter("t")!=null && request.getParameter("t").equals("m")){
			  response.setContentType("text/html;charset=UTF-8");
				PrintWriter out = response.getWriter();
				out.println(";nie");
				out.close();
		  }
		  else{
		  response.sendRedirect("index.jsp");
		  }
		} catch (Exception e) {
			e.printStackTrace();
			 sesja.setAttribute("log","blad");
			 response.sendRedirect("index.jsp");
		}
		}
		else if(request.getParameter("ac")!=null && request.getParameter("ac").equals("wyl")){
			try {
				Connection con = mb.commons.DbConnection.getConnection();
			 	Statement stmt = con.createStatement();
			 	Date data = new Date();
			 	SimpleDateFormat sdf= new SimpleDateFormat("yyyy-MM-dd");
				int query = stmt.executeUpdate("UPDATE `kurier`.`uzytkownicy` SET `ostatnie_log` = '"+sdf.format(data)+"' WHERE `uzytkownicy`.`login` LIKE '"+sesja.getAttribute("nick")+"'");
			}   catch (SQLException e) {
				response.sendRedirect("index.jsp?add=error&id=1");
				e.printStackTrace();
			}
			sesja.setAttribute("log","nie");
			response.sendRedirect("index.jsp");
		}
		else if(request.getParameter("ac")!=null && request.getParameter("ac").equals("change") && request.getParameter("pass1")!=null){
			try {
				Connection con = mb.commons.DbConnection.getConnection();
			 	Statement stmt = con.createStatement();
				int query = stmt.executeUpdate("UPDATE `kurier`.`uzytkownicy` SET `haslo` = '"+request.getParameter("pass1")+"' WHERE `uzytkownicy`.`login` LIKE '"+sesja.getAttribute("nick")+"'");
				response.sendRedirect("index.jsp?add=congratulations&pass=forgot");
			}   catch (SQLException e) {
				response.sendRedirect("index.jsp?add=error&id=1");
				e.printStackTrace();
			}
		
		}
		else if( request.getParameter("register")!=null && request.getParameter("register").equals("new")){
			try {
						  Connection con = mb.commons.DbConnection.getConnection();
						  Statement stmt = con.createStatement();
						  Date data = new Date();
						  Integer id=0;
						  SimpleDateFormat sdf= new SimpleDateFormat("yyyy-MM-dd");
						  int query = stmt.executeUpdate("INSERT INTO `kurier`.`uzytkownicy` (`id` ,`login` ,`haslo`,`mail`,`rodzaj` ,`data_rej` ,`ostatnie_log`)"+
						  "VALUES (NULL ,'"+request.getParameter("login")+"','"+request.getParameter("pass1")+"','"+request.getParameter("mail1")+"','klient','"+sdf.format(data)+"','"+sdf.format(data)+"')");
						  ResultSet rs = stmt.executeQuery("SELECT id FROM uzytkownicy WHERE login = '"+request.getParameter("login")+"'");
						  while(rs.next()){
							  id = Integer.parseInt(rs.getString("id"));
						  }	
						  query = stmt.executeUpdate("INSERT INTO `kurier`.`klienci` (`id_klienta` ,`id` ,`imie` ,`nazwisko` ,`adres`,`miasto`,`kod`)"+
						  "VALUES (NULL ,'"+id+"','"+request.getParameter("imie")+"','"+request.getParameter("nazwisko")+"','"+request.getParameter("adres")+"','"+request.getParameter("miasto")+"','"+request.getParameter("kod")+"')");
						  response.sendRedirect("index.jsp?add=congratulations");
			} catch (SQLException e) {
				// TODO Auto-generated catch block
				response.sendRedirect("index.jsp?add=error&id=1");
				e.printStackTrace();
			}			
		}
		else if(request.getParameter("ac")!=null && request.getParameter("ac").equals("update")){
			try {
				Connection con = mb.commons.DbConnection.getConnection();
			 	Statement stmt = con.createStatement();
				Integer id=0;
				ResultSet rs = stmt.executeQuery("SELECT id FROM uzytkownicy WHERE login = '"+sesja.getAttribute("nick")+"'");
				while(rs.next()){
					  id = Integer.parseInt(rs.getString("id"));
				  }	
				int query = stmt.executeUpdate("UPDATE `kurier`.`uzytkownicy` SET `mail` = '"+request.getParameter("mail")+"' WHERE `id`= '"+id+"'");
				if(sesja.getAttribute("log").equals("kurier")) query = stmt.executeUpdate("UPDATE `kurier`.`kurierzy` SET `imie` = '"+request.getParameter("imie")+"' , `nazwisko` = '"+request.getParameter("nazwisko")+"' , `adres` = '"+request.getParameter("adres")+"' , `miasto` = '"+request.getParameter("miasto")+"' , `kod` = '"+request.getParameter("kod")+"' WHERE `id`= '"+id+"'");
				else if(sesja.getAttribute("log").equals("pracownik")) query = stmt.executeUpdate("UPDATE `kurier`.`pracownicy` SET `imie` = '"+request.getParameter("imie")+"' , `nazwisko` = '"+request.getParameter("nazwisko")+"' , `adres` = '"+request.getParameter("adres")+"' , `miasto` = '"+request.getParameter("miasto")+"' , `kod` = '"+request.getParameter("kod")+"' WHERE `id`= '"+id+"'");
				else if(sesja.getAttribute("log").equals("klient"))	query = stmt.executeUpdate("UPDATE `kurier`.`klienci` SET `imie` = '"+request.getParameter("imie")+"' , `nazwisko` = '"+request.getParameter("nazwisko")+"' , `adres` = '"+request.getParameter("adres")+"' , `miasto` = '"+request.getParameter("miasto")+"' , `kod` = '"+request.getParameter("kod")+"' WHERE `id`= '"+id+"'");
				response.sendRedirect("index.jsp?add=congratulations&acc=change");				
			} catch (SQLException e) {
				// TODO Auto-generated catch block
				e.printStackTrace();
				response.sendRedirect("index.jsp?add=error&id=1");
			}			
		}
		else if(request.getParameter("pass")!=null && request.getParameter("pass").equals("update")){
			try {
				Connection con = mb.commons.DbConnection.getConnection();
			 	Statement stmt = con.createStatement();
				int query = stmt.executeUpdate("UPDATE `kurier`.`uzytkownicy` SET `haslo` = '"+request.getParameter("pass1")+"' WHERE `login`= '"+sesja.getAttribute("nick")+"'");
				response.sendRedirect("index.jsp?add=congratulations&pass=change");		
			} catch (SQLException e) {
				// TODO Auto-generated catch block
				e.printStackTrace();
				response.sendRedirect("index.jsp?add=error&id=1");
			}	
		}

		  
	}

	
	
}


